Access control list configuration – Interlogix GE-DSSG-244-POE User Manual User Manual

IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual

163

Access Control List Configuration

This page shows the Access Control List (ACL), which is made up of the ACEs defined for this Managed Switch. Each row describes
the ACE that is defined.

„

The maximum number of ACEs is 128.

„

Click on the lowest plus sign to add a new ACE to the list.

The Access Control List Configuration screen is shown

Figure 4-10-2.

Figure 4-10-2

Access Control List Configuration page screenshot

The page includes the following fields:

Object

Description

• Ingress Port

Indicates the ingress port of the ACE. Possible values are:
Any

: The ACE will match any ingress port.

Policy

: The ACE will match ingress ports with a specific policy.

Port

: The ACE will match a specific ingress port.

• Frame Type

Indicates the frame type of the ACE. Possible values are:
Any

: The ACE will match any frame type.

EType

: The ACE will match Ethernet Type frames.

ARP

: The ACE will match ARP/RARP frames.

IPv4

: The ACE will match all IPv4 frames.

IPv4/ICMP

: The ACE will match IPv4 frames with ICMP protocol.

IPv4/UDP

: The ACE will match IPv4 frames with UDP protocol.

IPv4/TCP

: The ACE will match IPv4 frames with TCP protocol.

IPv4/Other

: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.

• Action

Indicates the forwarding action of the ACE.
Permit

: Frames matching the ACE may be forwarded and learned.

Deny

: Frames matching the ACE are dropped.

• Rate Limiter

Indicates the rate limiter number of the ACE. The allowed range is 1 to 15. When
Disabled is displayed, the rate limiter operation is disabled.

• Port Copy

Indicates the port copy operation of the ACE. Frames matching the ACE are
copied to the port number. The allowed values are Disabled or a specific port
number. When Disabled is displayed, the port copy operation is disabled.

• Logging

Indicates the logging operation of the ACE. Possible values are:
Enabled

: Frames matching the ACE are stored in the System Log.

Disabled

: Frames matching the ACE are not logged.

Please note that the System Log memory size and logging rate is limited.

• Shutdown

Indicates the port shut down operation of the ACE. Possible values are:
Enabled

: If a frame matches the ACE, the ingress port will be disabled.

Disabled

: Port shut down is disabled for the ACE.

• Counter

The counter indicates the number of times the ACE was hit by a frame.

• Modification Buttons

You can modify each ACE (Access Control Entry) in the table using the following

buttons:

: Inserts a new ACE before the current row.

: Edits the ACE row.

: Moves the ACE up the list.